Ok. So here's a full rundown of what I've done so far including config files and log. Hope that helps.
First of all I've cloned the repository of the CAS war overlay and switched to branch 5.0. Then I've generated a certificate (thekeystore) and put it into '/etc/cas/'. When I run cas, https seems to be working fine. Next I changed the cas.properties to cas.server.name=https://localhost:8443 > cas.server.prefix=https://localhost:8443/cas cas.adminPagesSecurity.ip=127\.0\.0\.1 > logging.config=file:/etc/cas/config/log4j2.xml > # cas.serviceRegistry.config.location: classpath:/services > cas.authn.accept.users= ### LDAP settings ### > cas.authn.ldap[0].useSsl=false > cas.authn.ldap[0].useStartTls=false > > cas.authn.ldap[0].ldapUrl=ldap://ldapserver.company.com:389/dc=company,dc=com > cas.authn.ldap[0].dnFormat=uid=%s,ou=Users,dc=company,dc=com > cas.authn.ldap[0].baseDn=dc=company,dc=com > cas.authn.ldap[0].connectTimeout=5000 > cas.authn.ldap[0].principalAttributeId=uid > cas.authn.ldap[0].principalAttributePassword= > cas.authn.ldap[0].minPoolSize=3 > cas.authn.ldap[0].maxPoolSize=10 > cas.authn.ldap[0].validateOnCheckout=true > cas.authn.ldap[0].validatePeriodically=true > cas.authn.ldap[0].validatePeriod=600 > cas.authn.ldap[0].failFast=true > cas.authn.ldap[0].idleTime=5000 > cas.authn.ldap[0].prunePeriod=5000 > cas.authn.ldap[0].blockWaitTime=5000 I got assured by our systems department, that these settings should be ok. I did not touch 'application.yml' or any other file (except the pom.xml, which I attached alongside the cas.log). Now, when I run "./build.sh clean package" & "./build.sh run" the server starts up, but login fails with the message 2016-08-24 07:47:01,453 WARN > [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - > <Authentication has failed. Credentials may be incorrect or CAS cannot find > authentication handler that supports [sam] of type > [UsernamePasswordCredential], which suggests a configuration problem.> > If you need anything else, please let me know. Thanks in advance. Am Mittwoch, 24. August 2016 06:00:37 UTC+2 schrieb Misagh Moayyed: > > Without knowing what you have so far, it’s very difficult to say. Either > you have misplaced the configuration, or you have misdefined the property > keys. > > -- > Misagh > > From: Sascha Müller <zasc...@gmail.com> <javascript:> > Reply: Sascha Müller <zasc...@gmail.com> <javascript:> > Date: August 23, 2016 at 7:59:31 AM > To: CAS Community <cas...@apereo.org> <javascript:> > Subject: [cas-user] What are the exact steps to configure CAS 5.0.0 RC1 > to use LDAP? > > Hey everybody, > > I tried to configure LDAP login through CAS 5.0.0 RC1 for more or less 4 > days now. > As far as I understand the documentation, all I have to do is: > > > - add the dependency *cas-server-support-ldap* to my pom.xml and > - configure ldap support via cas.properties (like url, baseDn etc.). > > > But when I try to login, I get the following message on the console: > > Cannot find authentication handler that supports [username] of type >> [UsernamePasswordCredential], which suggests a configuration problem. >> > > > I get the strong feeling I'm missing something really important here... > -- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+u...@apereo.org <javascript:>. > To post to this group, send email to cas-...@apereo.org <javascript:>. > Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/ > . > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/51f27ef4-59b9-4b3e-9cf6-e6908bf3d98d%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/51f27ef4-59b9-4b3e-9cf6-e6908bf3d98d%40apereo.org?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/a/apereo.org/d/optout. > > -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To post to this group, send email to cas-user@apereo.org. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f628b1e7-6a11-48fa-92f2-143866f3e39f%40apereo.org. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
pom.xml
Description: XML document
2016-08-24 07:43:24,591 INFO [org.apereo.cas.web.CasWebApplication] - <The following profiles are active: native> 2016-08-24 07:44:08,138 WARN [org.apereo.cas.services.InMemoryServiceRegistryDaoImpl] - <Runtime memory is used as the persistence storage for retrieving and persisting service definitions. Changes that are made to service definitions during runtime WILL be LOST upon container restarts.> 2016-08-24 07:44:08,261 INFO [org.apereo.cas.services.DefaultServicesManagerImpl] - <Loaded 0 services from InMemoryServiceRegistryDaoImpl.> 2016-08-24 07:44:33,342 INFO [org.apereo.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services from InMemoryServiceRegistryDaoImpl.> 2016-08-24 07:45:09,939 INFO [org.apereo.cas.configuration.CasConfigurationRebinder] - <Reloaded CAS configuration cas-org.apereo.cas.configuration.CasConfigurationProperties> 2016-08-24 07:45:12,008 WARN [org.apereo.cas.ticket.registry.DefaultTicketRegistry] - <Runtime memory is used as the persistence storage for retrieving and managing tickets. Tickets that are issued during runtime will be LOST upon container restarts. This MAY impact SSO functionality.> 2016-08-24 07:45:16,603 INFO [org.apereo.cas.web.CasWebApplication] - <Started CasWebApplication in 131.065 seconds (JVM running for 136.071)> 2016-08-24 07:45:36,027 INFO [org.apereo.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services from InMemoryServiceRegistryDaoImpl.> 2016-08-24 07:45:36,054 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Beginning ticket cleanup...> 2016-08-24 07:45:36,056 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <0 expired tickets removed.> 2016-08-24 07:45:36,056 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Finished ticket cleanup.> 2016-08-24 07:46:36,028 INFO [org.apereo.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services from InMemoryServiceRegistryDaoImpl.> 2016-08-24 07:46:36,060 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Beginning ticket cleanup...> 2016-08-24 07:46:36,061 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <0 expired tickets removed.> 2016-08-24 07:46:36,061 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Finished ticket cleanup.> 2016-08-24 07:46:45,734 INFO [org.apereo.cas.web.flow.InitialFlowSetupAction] - <Setting path for cookies for warn cookie generator to: /cas/ > 2016-08-24 07:46:45,734 INFO [org.apereo.cas.web.flow.InitialFlowSetupAction] - <Setting path for cookies for warn cookie generator to: /cas/ > 2016-08-24 07:47:01,453 WARN [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [sam] of type [UsernamePasswordCredential], which suggests a configuration problem.> 2016-08-24 07:47:01,493 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: sam WHAT: Supplied credentials: [sam] ACTION: AUTHENTICATION_FAILED APPLICATION: CAS WHEN: Wed Aug 24 07:47:01 CEST 2016 CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1 SERVER IP ADDRESS: 0:0:0:0:0:0:0:1 ============================================================= > 2016-08-24 07:47:01,493 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: sam WHAT: Supplied credentials: [sam] ACTION: AUTHENTICATION_FAILED APPLICATION: CAS WHEN: Wed Aug 24 07:47:01 CEST 2016 CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1 SERVER IP ADDRESS: 0:0:0:0:0:0:0:1 ============================================================= > 2016-08-24 07:47:01,513 ERROR [org.apereo.cas.web.flow.AuthenticationExceptionHandler] - <Unable to translate handler errors of the authentication exception org.apereo.cas.authentication.AuthenticationException: 0 errors, 0 successes. Returning UNKNOWN by default...> 2016-08-24 07:47:01,513 ERROR [org.apereo.cas.web.flow.AuthenticationExceptionHandler] - <Unable to translate handler errors of the authentication exception org.apereo.cas.authentication.AuthenticationException: 0 errors, 0 successes. Returning UNKNOWN by default...> 2016-08-24 07:47:36,028 INFO [org.apereo.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services from InMemoryServiceRegistryDaoImpl.> 2016-08-24 07:47:36,061 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Beginning ticket cleanup...> 2016-08-24 07:47:36,062 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <0 expired tickets removed.> 2016-08-24 07:47:36,062 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Finished ticket cleanup.>
